RSA Archer till 6.7 P1 DOM-Based cross site scripting

InträderedigeraHistoryDiffjsonxmlCTI

Det var en problematiskt svag punkt som finns i RSA Archer till 6.7 P1 (Risk Management System). Som påverkar en okänd funktion. Genom att installera patchen 6.7 P2, kan problemet lösas.

Tidslinje

Användare

Fält

Commit Conf

Approve Conf

IDEngageradAnvändareFältFörändraAnmärkningarModereradAnledningC
1052153715/10/2020VulD...cve_cnaDellnvd.nist.gov15/10/2020accepterad
70
1005912005/05/2020VulD...cve_nvd_summaryRSA Archer, versions prior to 6.7 P2 (6.7.0.2), contains a Document Object Model (DOM) based cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to DOM environment in the browser. The malicious code is then executed by the web browser in the context of the vulnerable web application.mitre.org05/05/2020accepterad
100
1005911905/05/2020VulD...cve_assigned1578009600mitre.org05/05/2020accepterad
100
1005911205/05/2020VulD...cvss3_nvd_aLnist.gov05/05/2020accepterad
100
1005911105/05/2020VulD...cvss3_nvd_iLnist.gov05/05/2020accepterad
100
1005911005/05/2020VulD...cvss3_nvd_cHnist.gov05/05/2020accepterad
100
1005910905/05/2020VulD...cvss3_nvd_sCnist.gov05/05/2020accepterad
100
1005910805/05/2020VulD...cvss3_nvd_uiRnist.gov05/05/2020accepterad
100
1005910705/05/2020VulD...cvss3_nvd_prLnist.gov05/05/2020accepterad
100
1005910605/05/2020VulD...cvss3_nvd_acLnist.gov05/05/2020accepterad
100
1005910505/05/2020VulD...cvss3_nvd_avNnist.gov05/05/2020accepterad
100
1005908305/05/2020VulD...cwe79 (cross site scripting)05/05/2020accepterad
100
1005907905/05/2020VulD...typeRisk Management System05/05/2020accepterad
100
1005912805/05/2020VulD...cvss3_nvd_basescore8.2nist.gov05/05/2020accepterad
90
1005912705/05/2020VulD...cvss3_vuldb_rcXsee CVSS documentation05/05/2020accepterad
90
1005912605/05/2020VulD...cvss3_vuldb_rlOsee CVSS documentation05/05/2020accepterad
90
1005912505/05/2020VulD...cvss3_vuldb_eXsee CVSS documentation05/05/2020accepterad
90
1005912405/05/2020VulD...cvss2_vuldb_rcNDsee CVSS documentation05/05/2020accepterad
90
1005912305/05/2020VulD...cvss2_vuldb_rlOFsee CVSS documentation05/05/2020accepterad
90
1005912205/05/2020VulD...cvss2_vuldb_eNDsee CVSS documentation05/05/2020accepterad
90

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!